EUVD-2026-16969
GHSA-f739-9xv4-c36c
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Analysis
Stack-based buffer overflow in D-Link DIR-513 1.10 router's email configuration interface allows authenticated remote attackers to achieve arbitrary code execution with high impact to confidentiality, integrity, and availability. The vulnerability affects the formSetEmail function via manipulation of the curTime parameter. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
24 hours: Inventory all D-Link DIR-513 v1.10 devices in production and restrict network access to the administrative interface (typically port 80/443) via firewall rules or network segmentation. 7 days: Disable the email configuration feature on all affected devices if business operations permit, or migrate to supported router models from D-Link or alternative vendors. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today